---
# This ansible-playbook provisions a host to look more like
# freshly-from-hetzner.
#
# What it does:
#   enable root access via password (password: 'vagrant')
# What it *not* does:
#   remove vagrant user (needed for provisions done in here)
#
# This playbook should be called by vagrant as part of
# host setup.
#
- hosts: all
  become: yes
  remote_user: root
  handlers:
    - name: restart sshd
      service: name=ssh state=restarted

  tasks:
    - name: "Tell uname"
      command: uname -a

    - name: "Enable sshd root access with password"
      lineinfile: dest=/etc/ssh/sshd_config
                  regexp="^PermitRootLogin"
                  line="PermitRootLogin yes"
                  owner="root"
                  group="root"
                  state="present"
      notify:
        - restart sshd

    - name: "Set root password to 'vagrant'"
      user: name=root
            update_password=always
            password="$6$oTFfb32l$mGKYqJsXpH/A03SIY.Y03XcROSP1ElwgvvvUcuywBqvVDr6fBe7QAKSBHgzRhjJ//ngXHUr95YRQityCnOyOH1"

    - name: "Unlock root account."
      command: passwd -u root

    - name: "vagrant-provision | restart sshd"
      service: name="ssh" enabled=yes state=restarted